iPhone Fingerprint Hack Contest Dangles $18,000

Crowd-funded effort also promises erotica, bourbon, bitcoins and whiskey to the first person who can successfully bypass the iPhone 5s Touch ID fingerprint reader.

9 Android Apps To Improve Security, Privacy

(click image for larger view)

Cryptographers, security researchers, entrepreneurs and at least one journalist and vulnerability broker have been pooling their resources to offer a reward to the first person who manages to successfully fool the Touch ID biometric fingertip scanner built into the new iPhone 5s and unlock.

The Touch ID hacking bounty, first reported by ZDNet, was kicked off following a Wednesday conversation between security researchers Don Bailey and Nick DePetrillo, which resulted in DePetrillo making the following offer via Twitter: "I will pay the first person who successfully lifts a print off the iPhone 5s screen, reproduces it and unlocks the phone in < 5 tries $100."

"All I ask is a video of the process from print, lift, reproduction and successful unlock with reproduced print," he said. "I'll put money on this."

In short order he did put money on it, and was soon joined by others. According to the IsTouchIDHackedYet? website that he set up with network IPS pioneer and Errata Security CEO Robert David Graham to track the bids, pledgers have included John Hopkins cryptography professor Matthew Green, the Bangkok-based vulnerability seller known as the GrugQ, as well as Arturas Rosenbacher of IO Capital, who Thursday sweetened the pot by $10,000.

By Friday morning, 82 people had been recorded as collectively promising erotica, wine, bourbon, bitcoins and Scottish whisky, as well as cold, hard cash -- nearly $19,000, including the value of bitcoins and euros pledged -- to the winner. The organizers promised to continue watching for related pledges on Twitter.

The popularity of the Touch ID hacking contest seemed to take the organizers by surprise. "Our unofficial internet contest that's based entirely on honor system pledges to defeat a technology that isn't out yet is hysterical," tweeted
DePetrillo, who's a senior security researcher at Crucial Security. "Just think of the hackers whose girlfriends will be neglected while they go after this challenge," he added.

Graham said via Twitter that he was "astonished" at the interest in the contest. But he expressed skepticism that Touch ID can be hacked. "I doubt it will be successful ... which is why I'm betting $100 it won't be successful," he said via Twitter. In the meantime, however, he's already ponied up $70 for the hacking contest domain name and six months of hosting, Threatpost reported.

But finding a way to trick Touch ID isn't the only goal of the effort, co-founder Don Bailey, who's a senior security researcher at iSec Partners, told Threatpost. "We want to get more people aware of the new pieces of hardware functionality coming out," he said. "Because not a lot of people are looking at hardware security, and by doing things like this we get to put a spotlight on security in places where people usually presume it's either too easy or too hard."

There is a video today of someone supposedly "hacking" the Touch ID... but it's the same guy who registered his fingerprint that "unlocks" his iphone with something on his fingertip.

Even if you have thick chapped skin on your fingertips, the Touch ID will still recognize you because it reads your sub-dermal prints.

Of course he is going to unlock his own phone, because the Touch ID does not read the surface, but scans below the outer skin to recognize him as the owner.

Duh!!!

We need to see another person who has NOT registered his fingerprints on this phone, using the registered person's printed fingerprint. But the guy who made this video obviously knew that wouldn't work. ;-))

Here is some information about the deep scanning that Touch ID does, and why printing a fingerprint, or using a severed finger will NOT work:

Capacitive -- A capacitive sensor is activated by the slight electrical charge running through your skin. We all have a small amount of electrical current running through our bodies, and capacitive technology utilizes that to sense touch. This is also the same technology used in the iPhone's touchscreen to detect input.

Radio frequency -- RF waves do not respond to the dead layer of skin on the outside of your finger -- the part that might be chapped or too dry to be read with much accuracy -- and instead reads only the living tissue underneath. This produces an extremely precise image of your print, and ensures that a severed finger is completely useless.

This video only proves that Touch ID can still recognize your fingerprint, even if you have something thin between you and the scanner.

This guy is not winning the contest, but nice try to fake things. ;-))

Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.

Worries about subpar networks tanking unified communications programs could be valid: Thirty-one percent of respondents have rolled capabilities out to less than 10% of users vs. 21% delivering UC to 76% or more. Is low uptake a result of strained infrastructures delivering poor performance?